Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UPhRl-STkyCjaXIw4V6X1Z5Pxeo.roa
File: UPhRl-STkyCjaXIw4V6X1Z5Pxeo.roa (raw, json)
Hash identifier: fHttd3STZEbAhxbiJHcTw2JYYXAF7HA9B6I14598Jg4=
Subject key identifier: 50:F8:51:97:E4:93:93:20:A3:69:72:30:E1:5E:97:D5:9E:4F:C5:EA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DB0839C58CCFCCA5F3779D58BE1975B6B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UPhRl-STkyCjaXIw4V6X1Z5Pxeo.roa
Signing time: Tue 21 Apr 2026 14:48:28 +0000
ROA not before: Tue 21 Apr 2026 14:48:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 135402
IP address blocks: 151.242.86.0/24 maxlen: 24
151.243.4.0/24 maxlen: 24
151.243.206.0/24 maxlen: 24
151.243.221.0/24 maxlen: 24
151.247.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:83:9c:58:cc:fc:ca:5f:37:79:d5:8b:e1:97:5b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 21 14:48:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=50f85197e4939320a3697230e15e97d59e4fc5ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:af:6f:a1:27:78:ee:67:a7:e0:65:48:ae:33:
07:1e:53:3e:5e:94:a5:39:09:f5:5d:fa:eb:27:46:
ed:ea:74:00:42:33:57:b0:eb:50:ca:7c:69:27:2a:
7b:32:c4:e6:c5:d8:23:6c:99:9d:8d:f9:2a:09:85:
6c:b3:72:85:49:0b:df:b9:75:56:c7:66:5c:dc:15:
12:93:13:06:b9:2f:f7:65:f0:3f:9e:8f:25:57:fa:
a1:c1:2c:6a:2e:dc:f8:dc:9a:68:c7:b6:71:6f:08:
22:78:12:8c:43:85:bf:14:8c:9e:d8:c1:05:6a:d1:
89:59:4d:46:55:35:52:c6:00:33:e6:34:2f:ee:6d:
41:c9:03:ac:f0:d0:be:cf:b8:71:8a:59:38:a3:01:
64:31:db:7c:36:73:a6:95:3f:c3:43:50:4a:ec:a1:
be:af:32:ba:3f:7c:20:44:01:d0:05:0c:1b:f5:6e:
35:e7:ea:27:62:56:c3:60:13:70:fa:14:3d:9f:6f:
bd:03:32:39:e0:75:f8:8e:1e:21:eb:36:80:1c:af:
21:78:29:ea:8d:28:28:40:ba:ba:e7:bc:ff:78:3c:
0f:0b:15:66:f5:40:48:e1:d1:85:f8:9b:08:ba:45:
e9:55:86:a5:af:88:66:64:b7:41:5d:cd:e9:4c:a3:
5d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F8:51:97:E4:93:93:20:A3:69:72:30:E1:5E:97:D5:9E:4F:C5:EA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UPhRl-STkyCjaXIw4V6X1Z5Pxeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.86.0/24
151.243.4.0/24
151.243.206.0/24
151.243.221.0/24
151.247.164.0/24
Signature Algorithm: sha256WithRSAEncryption
52:53:9c:64:94:81:89:48:ca:a7:c0:6a:04:b7:a7:25:9e:fa:
55:be:70:9b:bd:75:4d:a7:b0:8b:82:23:c3:35:79:70:4f:15:
c0:5c:b6:ad:94:e7:af:f9:f2:c2:15:6f:c6:8e:19:a1:02:54:
79:3f:51:3d:6d:b0:f9:c5:24:e0:c4:54:c3:2f:8e:3b:14:a2:
e7:26:9a:bd:43:bf:0e:62:28:59:c3:5b:e5:d6:ed:c5:f3:db:
71:a5:95:5f:6a:66:83:2d:41:1a:1c:48:87:47:78:f3:5d:ba:
77:fd:ee:7b:c5:71:7e:0c:c6:ec:bb:b1:df:48:ad:d3:d6:fe:
47:a9:6d:f0:84:3d:22:54:d0:95:c2:94:0f:0a:2e:7c:ea:f7:
bc:97:33:dd:05:57:19:98:ad:72:77:d5:80:8e:04:53:1d:27:
cc:a3:15:dc:17:79:6a:76:97:95:f6:4d:fb:f4:46:2e:6c:24:
48:87:12:12:31:44:52:99:f2:59:53:b8:6a:00:58:02:0d:14:
c0:06:e4:cc:40:96:17:59:75:47:e4:9c:24:8d:c5:c4:07:67:
14:3d:10:52:4b:9f:78:38:5c:63:15:05:d5:b4:6e:f2:84:c3:
de:eb:4e:6e:d9:40:e6:9a:21:e3:84:f7:4b:dc:7f:e2:71:d0:
fd:72:09:66
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ2wg5xYzPzKXzd51Yvhl1trMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDIxMTQ0ODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGY4NTE5N2U0OTM5MzIwYTM2OTcyMzBlMTVlOTdkNTllNGZjNWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwa9voSd47men4GVIrjMHHlM+XpSl
OQn1XfrrJ0bt6nQAQjNXsOtQynxpJyp7MsTmxdgjbJmdjfkqCYVss3KFSQvfuXVW
x2Zc3BUSkxMGuS/3ZfA/no8lV/qhwSxqLtz43Jpox7ZxbwgieBKMQ4W/FIye2MEF
atGJWU1GVTVSxgAz5jQv7m1ByQOs8NC+z7hxilk4owFkMdt8NnOmlT/DQ1BK7KG+
rzK6P3wgRAHQBQwb9W415+onYlbDYBNw+hQ9n2+9AzI54HX4jh4h6zaAHK8heCnq
jSgoQLq657z/eDwPCxVm9UBI4dGF+JsIukXpVYalr4hmZLdBXc3pTKNdtQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFD4UZfkk5Mgo2lyMOFel9WeT8XqMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVVBoUmwtU1RreUNqYVhJdzRWNlgxWjVQeGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAl/JWAwQA
l/MEAwQAl/POAwQAl/PdAwQAl/ekMA0GCSqGSIb3DQEBCwUAA4IBAQBSU5xklIGJ
SMqnwGoEt6clnvpVvnCbvXVNp7CLgiPDNXlwTxXAXLatlOev+fLCFW/GjhmhAlR5
P1E9bbD5xSTgxFTDL447FKLnJpq9Q78OYihZw1vl1u3F89txpZVfamaDLUEaHEiH
R3jzXbp3/e57xXF+DMbsu7HfSK3T1v5HqW3whD0iVNCVwpQPCi586ve8lzPdBVcZ
mK1yd9WAjgRTHSfMoxXcF3lqdpeV9k379EYubCRIhxISMURSmfJZU7hqAFgCDRTA
BuTMQJYXWXVH5JwkjcXEB2cUPRBSS594OFxjFQXVtG7yhMPe605u2UDmmiHjhPdL
3H/icdD9cglm
-----END CERTIFICATE-----
Generated at Wed May 13 04:48:08 2026 by rpki-client